Improper Input Validation Affecting bind9 package, versions <1:9.8.4.dfsg.P1-6+nmu1
Threat Intelligence
Do your applications use this vulnerable package?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applications- Snyk ID SNYK-DEBIANUNSTABLE-BIND9-346419
- published 25 Jan 2013
- disclosed 25 Jan 2013
Introduced: 25 Jan 2013
CVE-2012-5689 Open this link in a new tabHow to fix?
Upgrade Debian:unstable
bind9
to version 1:9.8.4.dfsg.P1-6+nmu1 or higher.
NVD Description
Note: Versions mentioned in the description apply only to the upstream bind9
package and not the bind9
package as distributed by Debian
.
See How to fix?
for Debian:unstable
relevant fixed versions and status.
ISC BIND 9.8.x through 9.8.4-P1 and 9.9.x through 9.9.2-P1, in certain configurations involving DNS64 with a Response Policy Zone that lacks an AAAA rewrite rule, allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query for an AAAA record.